CVE-2024-41734

Missing Authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform

CVSS 4.3 MEDIUMEPSS 0.3%CWE-862

Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an authenticated attacker could call an underlying transaction, which leads to disclosure of user related information. There is no impact on integrity or availability.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected products

SAP_SE · SAP NetWeaver Application Server ABAP and ABAP Platform

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://me.sap.com/notes/3494349 https://url.sap/sapsecuritypatchday